This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Open Captive Web Portal for Private PSK - Default User Profile

Open Captive Web Portal for Private PSK - Default User Profile

Go to solution
george_margarit
New Contributor

‎07-15-2019 09:50 PM

Captive Web Portal with Return Aerohive Private PSK, sets Default User Profile to "default-profile".

However, "default-profile" has no firewall policies, allowing users to directly connect to the network.

 

Is it possible to configure a different User Profile, so we can apply the default firewall policy "Redirect-Only"?

This is possible with all other CWP options, but is overwritten when PPSK is selected.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
ashley_finch
Contributor III

‎07-16-2019 11:11 AM

Ah yes I see exactly what you mean now, I was looking on the PPSK rather than the Registration SSID, I see the same on the Cloud version of HiveManager.

I'm not sure as to why these options become unavailable so I'll leave that for Aerohive...

 

The only thing I can think of that may help is that if it is using the default user profile from the PPSK SSID, are you able to change this to a specific VLAN, security policies etc, and then apply a different profile for users when they actually receive a PPSK such as this?:

4b2a56e39b5c4692835d888d2e917493_0690c000008fydpAAA.png

View solution in original post

0 Kudos
8 REPLIES 8

Go to solution
george_margarit
New Contributor

‎07-17-2019 09:45 AM

OK, I believe I have found the solution for this, thanks Ashley for sharing the screenshot, it helped me figure it out.

The Open SSID is using the "Default User Profile" that is configured on the linked PPSK SSID.

 

I have created a new "captive-portal" user profile, which is linked to a new dedicated VLAN, which I can firewall accordingly on the network.

On the PPSK SSID, I have set the Default User profile to the new captive portal rdg-captiveportal.

Then I used Apply a different user profile to various clients and user groups and i have created an assignment policy, that would allow any registered user group to be assigned to the working Guest User profile.

 

937c902a8cac4df6947471196290213e_0690c000008g12rAAA.png

 

Thank you

0 Kudos

Go to solution
samantha_lynn
Esteemed Contributor III

‎07-16-2019 12:30 PM

When you set the SSID up as a Registration SSID the user profile settings do go away because this isn't a full SSID, it's meant for registration only and not browsing. Users should only be able to reach the CWP to register, but they shouldn't be able to browse anywhere else. If they are able to browse before they connect to the PPSK SSID, that would be something you'd want to open a technical support case about since that is not intended functionality.

 

If you'd like to add me to the HiveManager as an external user with the email slynn@aerohive.com, I can take a look at the set up and see if there is anything out of place. If you do want me to take a look, please let me know your VHM Organization name (found by clicking the silhouette icon in the top right corner> Global Settings> Account Details> About half way down the page will be your organization name) and the name of the Network Policy you'd like me to focus on.

0 Kudos

Go to solution
george_margarit
New Contributor

‎07-16-2019 12:01 PM

well, the "user access settings" are just not there. Something for @Aerohive Support​  to look at maybe.

0 Kudos

Go to solution
ashley_finch
Contributor III

‎07-16-2019 11:19 AM

It's correct that you cannot change the default profile object, however you should be able to set which object the SSID is using and create a new one if required.

For instance, my screenshot above is using a customer User Profile (Internal-UP) from within configure > policy > self reg SSID > scroll to the "user access settings" > click add to create a new user profile, or select one if you already have one preconfigured.

0 Kudos
GTM-P2G8KFN